<?php
namespace app\admin\middleware;

use think\facade\Request;
use app\common\model\AuthGroup;
use app\common\model\AuthRule;

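/**
 * Admin middleware that authorises the current request against the rules
 * granted to the signed-in administrator's group.
 *
 * The check is deny-by-default: the request is passed on only when the group
 * is active and either holds the wildcard rule set ('*') or has an active
 * rule whose route equals the requested URL.
 */
class AuthRuleCheck
{
    /**
     * Authorise the request or return the "no permission" response.
     *
     * @param mixed    $request Current request; url() and method() are called on it.
     * @param \Closure $next    Next middleware in the pipeline.
     * @return mixed The downstream response, or the denial response.
     */
    public function handle($request, \Closure $next)
    {
        $admin_info = session('admin_info');

        // Fail closed when there is no usable session. Indexing a missing
        // session would raise a warning and run the group lookup with a null id.
        if (!isset($admin_info['group_id'])) {
            return $this->deny($request);
        }

        // NOTE(review): if $request is think\Request, url() includes the query
        // string, so "/path?page=2" only matches a rule stored in exactly that
        // form. Confirm how routes are stored before switching to a
        // query-less accessor.
        $action = $request->url();

        // Fetch the rule set of the admin's group; disabled groups (status != 1)
        // yield nothing and are denied.
        $auth_group = AuthGroup::where('id', $admin_info['group_id'])->where('status', 1)->value('rules');
        if (empty($auth_group)) {
            return $this->deny($request);
        }

        // '*' grants every route. Compared strictly so that no other value can
        // be coerced into the wildcard.
        if ($auth_group !== '*') {
            $auth_group_route = AuthRule::whereIn('id', $auth_group)->where('status', 1)->column('route');
            // Drop rules without a route, then require an exact string match.
            $auth_group_route = array_filter($auth_group_route);
            if (!in_array($action, $auth_group_route, true)) {
                return $this->deny($request);
            }
        }

        return $next($request);
    }

    /**
     * Build the denial response: the no_auth view for GET requests, a 403 JSON
     * payload for every other method.
     *
     * @param mixed $request Current request; only method() is read.
     * @return mixed
     */
    private function deny($request)
    {
        if ($request->method() === 'GET') {
            return view('admin/no_auth');
        }

        return returnJson(403, '您没有此权限!');
    }
}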